chore: update b12f.io

Benjamin Bädorf 2023-11-16 19:29:47 +01:00
parent 945bc6498c
commit 3ce15a1bef
No known key found for this signature in database
GPG key ID: 1B7BF5B77A521346
4 changed files with 110 additions and 34 deletions


@ -5,6 +5,7 @@
lib, lib,
... ...
}: let }: let
hzDomain = lib.concatStrings [ "hw" "dz" "z." "net" ];
dkimDNSb12fio = '' dkimDNSb12fio = ''
default._domainkey IN TXT ( "v=DKIM1; k=rsa; " default._domainkey IN TXT ( "v=DKIM1; k=rsa; "
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyla9hW3TvoXvZQxwzaJ4SZ9ict1HU3E6+FWlwNIgE6tIpTCyRJtiSIUDqB8TLTIBoxIs+QQBXZi+QUi3Agu6OSY2RiV0EwO8+oOOqOD9pERftc/aqe51cXuv4kPqwvpXEBwrXFWVM+VxivEubUJ7eKkFyXJpelv0LslXv/MmYbUyed6dF+reOGZCsvnbiRv74qdxbAL/25j62E8WrnxzJwhUtx/JhdBOjsHBvuw9hy6rZsVJL9eXayWyGRV6qmsLRzsRSBs+mDrgmKk4dugADd11+A03ics3i8hplRoWDkqnNKz1qy4f5TsV6v9283IANrAzRfHwX8EvNiFsBz+ZCQIDAQAB" ) ; "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyla9hW3TvoXvZQxwzaJ4SZ9ict1HU3E6+FWlwNIgE6tIpTCyRJtiSIUDqB8TLTIBoxIs+QQBXZi+QUi3Agu6OSY2RiV0EwO8+oOOqOD9pERftc/aqe51cXuv4kPqwvpXEBwrXFWVM+VxivEubUJ7eKkFyXJpelv0LslXv/MmYbUyed6dF+reOGZCsvnbiRv74qdxbAL/25j62E8WrnxzJwhUtx/JhdBOjsHBvuw9hy6rZsVJL9eXayWyGRV6qmsLRzsRSBs+mDrgmKk4dugADd11+A03ics3i8hplRoWDkqnNKz1qy4f5TsV6v9283IANrAzRfHwX8EvNiFsBz+ZCQIDAQAB" ) ;
@ -29,12 +30,13 @@ in {
group = "maddy"; group = "maddy";
}; };
"mta-sts.b12f.io" = {}; "mta-sts.b12f.io" = {};
"mta-sts.${hzDomain}" = {};
}; };
services.nginx.virtualHosts = { services.nginx.virtualHosts = builtins.foldl' (hosts: hostName: hosts // {
"mta-sts.b12f.io" = { "mta-sts.${hostName}" = {
forceSSL = true; forceSSL = true;
useACMEHost = "mta-sts.b12f.io"; useACMEHost = "mta-sts.${hostName}";
locations."/" = { locations."/" = {
root = pkgs.runCommand "create-well-known-mta-sts" {} '' root = pkgs.runCommand "create-well-known-mta-sts" {} ''
mkdir -p "$out/.well-known" mkdir -p "$out/.well-known"
@ -42,13 +44,13 @@ in {
version: STSv1 version: STSv1
mode: enforce mode: enforce
max_age: 604800 max_age: 604800
mx: mail.b12f.io mx: mail.${hostName}
" > "$out/.well-known/mta-sts.txt" " > "$out/.well-known/mta-sts.txt"
''; '';
tryFiles = "$uri $uri/ =404"; tryFiles = "$uri $uri/ =404";
}; };
}; };
}; }) {} [ "b12f.io" hzDomain ];
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '/run/maddy' 0750 maddy maddy - -" "d '/run/maddy' 0750 maddy maddy - -"
@ -115,16 +117,25 @@ in {
} }
} }
destination b12f.io {
modify { modify {
replace_rcpt regexp ".*" "mail@b12f.io" replace_rcpt &local_rewrites
} }
# at this point rcpt was normalized to either:
# postmaster@$(primary_domain),
# local_mailbox_without_tag@$(local_domains),
# replacements with alias
# destination_in block takes priority over destinations
destination_in &local_mailboxes {
deliver_to &local_mailboxes deliver_to &local_mailboxes
} }
destination postmaster $(local_domains) { # if rcpt is not in local_mailboxes, but has our domains,
# replace rcpt to catchall and deliver it there
destination $(local_domains) {
modify { modify {
replace_rcpt &local_rewrites replace_rcpt regexp ".*" "mail@$(primary_domain)"
} }
deliver_to &local_mailboxes deliver_to &local_mailboxes
} }
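Review bot: The policy written in the nginx hunk now publishes `mx: mail.${hostName}` with `mode: enforce` for the second domain, but the certificate hunk only adds `"mta-sts.${hzDomain}" = {};`, so nothing visible here puts `mail.${hzDomain}` on the certificate maddy presents. Senders that honour MTA-STS validate the MX certificate against the name in the policy and stop delivering on a mismatch, and with `max_age: 604800` a cached policy keeps that in force for a week. The cert entry with `group = "maddy"` starts outside the hunk, so it may already cover the name; if it does not, add `extraDomainNames = [ "mail.${hzDomain}" ];` to it, or serve the new domain with `mode: testing` until delivery over TLS has been confirmed.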


@ -7,8 +7,8 @@
name = "benjaminbaedorf.eu"; name = "benjaminbaedorf.eu";
src = pkgs.fetchgit { src = pkgs.fetchgit {
url = "https://git.pub.solar/b12f/benjaminbaedorf.eu.git"; url = "https://git.pub.solar/b12f/benjaminbaedorf.eu.git";
rev = "1e6060483c79c0e1548b7d57d6da99c11abb47a6"; rev = "a6cc1d054fef083698331ad4cef6cc6e57ed218c";
hash = "sha256-TY/M9Fqtd9r0L7ZTvjnjXVzECJ91bBx/n33orvBIa+g="; hash = "sha256-uW6TwmXu0Tpapz+sewfCPYkDJcwTpMYPXLUGcd//UH0=";
sparseCheckout = [ sparseCheckout = [
"fonts" "fonts"
"cows.jpg" "cows.jpg"


@ -83,14 +83,14 @@ resource "hostingde_record" "b12f-autodiscover" {
ttl = 300 ttl = 300
} }
# resource "hostingde_record" "b12f-mx" { resource "hostingde_record" "b12f-mx" {
# zone_id = hostingde_zone.b12f.id zone_id = hostingde_zone.b12f.id
# name = "b12f.io" name = "b12f.io"
# type = "MX" type = "MX"
# content = "mail.b12f.io" content = "mail.b12f.io"
# priority = 10 priority = 10
# ttl = 300 ttl = 300
# } }
resource "hostingde_record" "b12f-mta-sts" { resource "hostingde_record" "b12f-mta-sts" {
zone_id = hostingde_zone.b12f.id zone_id = hostingde_zone.b12f.id

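--- a/terraform/h.net.tf
+++ b/terraform/h.net.tf
@@ -0,0 +1,65 @@
+locals {
+domain = join("", ["hw", "dz", "z.", "net"])
+}
+resource "hostingde_zone" "hz" {
+name = local.domain
+type = "NATIVE"
+}
+resource "hostingde_record" "hz-AAAA" {
+zone_id = hostingde_zone.hz.id
+name = local.domain
+type = "AAAA"
+content = "2a01:4f8:c2c:b60::"
+ttl = 300
+}
+resource "hostingde_record" "hz-A" {
+zone_id = hostingde_zone.hz.id
+name = local.domain
+type = "A"
+content = "128.140.109.213"
+ttl = 300
+}
+resource "hostingde_record" "hz-mail" {
+zone_id = hostingde_zone.hz.id
+name = "mail.${local.domain}"
+type = "CNAME"
+content = local.domain
+ttl = 300
+}
+resource "hostingde_record" "hz-autoconfig" {
+zone_id = hostingde_zone.hz.id
+name = "autoconfig.${local.domain}"
+type = "CNAME"
+content = "mail.${local.domain}"
+ttl = 300
+}
+resource "hostingde_record" "hz-autodiscover" {
+zone_id = hostingde_zone.hz.id
+name = "autodiscover.${local.domain}"
+type = "CNAME"
+content = "mail.${local.domain}"
+ttl = 300
+}
+resource "hostingde_record" "hz-mx" {
+zone_id = hostingde_zone.hz.id
+name = local.domain
+type = "MX"
+content = "mail.${local.domain}"
+priority = 10
+ttl = 300
+}
+resource "hostingde_record" "hz-mta-sts" {
+zone_id = hostingde_zone.hz.id
+name = "mta-sts.${local.domain}"
+type = "CNAME"
+content = "frikandel.${local.domain}"
+ttl = 300
+}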
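Review bot: `hz-mta-sts` points `mta-sts.${local.domain}` at `frikandel.${local.domain}`, but this file defines no `frikandel` record for the new zone, so unless one is created elsewhere the policy host will not resolve and neither certificate issuance nor policy fetches for it can succeed; `content = local.domain`, as `hz-mail` uses, would resolve. The zone also has no `_mta-sts` TXT record, without which senders never look up the policy, and no SPF or DMARC TXT records, which leaves the domain easy to spoof unless those are published from another file. Separately, `hz-mx` targets `mail.${local.domain}`, which `hz-mail` defines as a CNAME; RFC 2181 section 10.3 expects an MX target to own address records directly, so `mail` is safer as its own A and AAAA records.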